[noise] Susurrus: Noise implementation in Rust
Jason A. Donenfeld
Jason at zx2c4.com
Wed Jul 8 07:47:49 PDT 2015
On Wed, Jul 8, 2015 at 4:33 PM, Tiffany Bennett <tiffany at stormbit.net> wrote:
> + The use of the RFC variant of ChaCha is a bit annoying right now,
> because I am currently using bindings of libsodium, which do not
> support this. I'm sure the situation will improve eventually. Right
> now, I'm just using the original ChaCha.
libsodium actually does support this via the
crypto_aead_chacha20poly1305_ietf_encrypt/decrypt functions:
https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c#L75
> In order to handle UDP I believe I will
> have to put a message type and nonce in the prologue, because of the
> unreliable out of order delivery.
I'm actually prepending the nonce counter to *every* individual
encryption message, and only accepting it if it's within X of the
biggest received nonce yet.
More information about the Noise
mailing list